I’m investigating a situation where there was a hundreds of minutes of calls from an internal SIP extension to an 855 number in Cambodia, resulting in a crazy ($25,000+) bill from the phone company. I’m investigating, but can anyone provide some feedback on what’s happened here? I’m investigating how this happened as well as what types of arrangements can be made with the phone company (CenturyLink in Texas).
* PBX is located in Texas
* Phone carrier is CenturyLink
* FreePBX distro running asterisk 1.8.14
* source SIP extension is Mitel 5212, firmware 08.00.00.04, default admin password (argh!). Phone is used by many different people.
More PBX setting details:
* inbound SIP traffic is not allowed through the firewall
* internal network is not accessed by many
* FreePBX web interface
*Questions I have at this moment:*
1) how were the calls placed? Was the Mitel SIP phone hacked somehow?
2) how does this typically get sorted out with the phone company? they are charging $6.25 per minute for the Texas to Cambodia calls. The phone system owners are at fault, but how have these situations worked out in the past?
I’ll be tightening things up, but any feedback is appreciated.